This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Is any one else seing this alert - Shh/Updater-B False positives

Virus/spyware 'Shh/Updater-B' has been detected in "C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_update.exe". Cleanup unavailable. This is trickling in as alerts but at an alarming rate.

This thread was automatically locked due to age.

Parents

0 Nathan over 13 years ago

toddh wrote:
Hey,
If we delete the Quarantine.xml file manually, when the client communicates back to the SEC should the alerts be cleared?
Or do we need to manually acknowledge the alerts?
I just tested this on my test rig. If the alerts are cleared from the endpoint QM, the next time the client reports to SEC the alert in SEC is automatically cleared.
:31777
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Nathan over 13 years ago

toddh wrote:
Hey,
If we delete the Quarantine.xml file manually, when the client communicates back to the SEC should the alerts be cleared?
Or do we need to manually acknowledge the alerts?
I just tested this on my test rig. If the alerts are cleared from the endpoint QM, the next time the client reports to SEC the alert in SEC is automatically cleared.
:31777
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data